Designing authenticated key exchange protocols for portable devices to secure communications is an emerging issue. Recently, Wen et al. proposed two provably secure authenticated key exchange protocols for low power computing devices. However, we show that the first protocol is vulnerable to the replay attack, while the second one is subject to the generic man-in-the-middle attack. Besides, both protocols are susceptible to the modification attack as well as the user impersonation attack. Based on the underline
reasons of such successful attacks, we extend their protocols to defend such attacks.

Relation:

ICIC Express Letters: An International Journal of Research and Surveys 5(11), pp.4027-4032